[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NDP DoS attack



* Mikael Abrahamsson:

> On Sun, 17 Jul 2011, Florian Weimer wrote:
>
>> Others use tunnels, PPPoE or lots of scripting, so certainly
>> something can be done about it.  To my knowledge, SAVI SEND is still
>> at a similar stage.  Pointers to vendor documentation would be
>> appreciated if this is not the case.
>
> <www.ietf.org/proceedings/79/slides/savi-6.pdf>

Interesting, thnaks.  It's not the vendors I would expect, and it's
not based on SEND (which is not surprising at all and actually a good
thing).

Is this actually secure in the sense that it ties addresses to
specific ports for both sending and receiving?  I'm asking because
folks have built similar systems for IPv4 which weren't.  The CLI
screenshots look good, better than what most folks achieve with IPv4.